pieceofcake2 / authenticate
CakePHP plugin with authentication classes for AuthComponent.
Type: cakephp-plugin
pkg:composer/pieceofcake2/authenticate
Requires
- php: ^8.0
- composer/installers: *
- pieceofcake2/cakephp: ^2.10
Requires (Dev)
- cakephp/cakephp-codesniffer: ^5.0
- phpstan/phpstan: ^2.1
- phpunit/phpunit: ^9.6
- pieceofcake2/app: ^2.1
- pieceofcake2/phpstan-cakephp2: ^0.2.1
Replaces
- ceeram/authenticate: ^1.0
- friendsofcake/authenticate: ^1.0
README
This is forked for CakePHP2.
Plugin containing some authenticate classes for AuthComponent.
Current classes:
- MultiColumnAuthenticate, allows login with multiple db columns in a single username field, for example username or email
- CookieAuthenticate, login with a cookie
- TokenAuthenticate, login with a token as url parameter or header
GoogleAuthenticate is moved to separate repo: https://github.com/ceeram/GoogleAuthenticate
Requirements
- PHP 8.0+
- CakePHP 2.10+
Installation
run: composer require pieceofcake2/authenticate
Usage
In app/Config/bootstrap.php add:

    CakePlugin::load('Authenticate');
Configuration:
Set up the authentication class settings.
MultiColumnAuthenticate:
    // in $components
    public $components = [
        'Auth' => [
            'authenticate' => [
                'Authenticate.MultiColumn' => [
                    'fields' => [
                        'username' => 'login',
                        'password' => 'password'
                    ],
                    'columns' => ['username', 'email'],
                    'userModel' => 'User',
                    'scope' => ['User.active' => 1],
                ]
            ]
        ]
    ];

    // Or in beforeFilter()
    $this->Auth->authenticate = [
        'Authenticate.MultiColumn' => [
            'fields' => [
                'username' => 'login',
                'password' => 'password'
            ],
            'columns' => ['username', 'email'],
            'userModel' => 'User',
            'scope' => ['User.active' => 1],
        ]
    ];
CookieAuthenticate:
    // in $components
    public $components = [
        'Auth' => [
            'authenticate' => [
                'Authenticate.Cookie' => [
                    'fields' => [
                        'username' => 'login',
                        'password' => 'password'
                    ],
                    'userModel' => 'SomePlugin.User',
                    'scope' => ['User.active' => 1],
                ]
            ]
        ]
    ];

    // Or in beforeFilter()
    $this->Auth->authenticate = [
        'Authenticate.Cookie' => [
            'fields' => [
                'username' => 'login',
                'password' => 'password'
            ],
            'userModel' => 'SomePlugin.User',
            'scope' => ['User.active' => 1],
        ]
    ];
Set up both:
It will first try to read the cookie; if that fails, it will try the form data:

    // in $components
    public $components = [
        'Auth' => [
            'authenticate' => [
                'Authenticate.Cookie' => [
                    'fields' => [
                        'username' => 'login',
                        'password' => 'password'
                    ],
                    'userModel' => 'SomePlugin.User',
                    'scope' => ['User.active' => 1],
                ],
                'Authenticate.MultiColumn' => [
                    'fields' => [
                        'username' => 'login',
                        'password' => 'password'
                    ],
                    'columns' => ['username', 'email'],
                    'userModel' => 'User',
                    'scope' => ['User.active' => 1],
                ]
            ]
        ]
    ];
Security
For enhanced security, make sure you add this code to your AppController::beforeFilter() if you intend to use Cookie authentication:

    public function beforeFilter() {
        $this->Cookie->type('rijndael'); // Enable AES symmetric encryption of cookie
    }
Setting the cookie
Example for setting the cookie:
    <?php
    App::uses('AppController', 'Controller');

    /**
     * Users Controller
     *
     * @property User $User
     */
    class UsersController extends AppController {

        public $components = ['Cookie'];

        public function beforeFilter() {
            $this->Cookie->type('rijndael');
        }

        public function login() {
            if ($this->Auth->loggedIn() || $this->Auth->login()) {
                $this->_setCookie();
                $this->redirect($this->Auth->redirect());
            }
        }

        protected function _setCookie() {
            // Only set the cookie when the "remember me" box was ticked
            if (!$this->request->data('User.remember_me')) {
                return false;
            }
            // The cookie carries the submitted username and password
            $data = [
                'username' => $this->request->data('User.username'),
                'password' => $this->request->data('User.password')
            ];
            // Third argument true encrypts the value; the cookie expires in one week
            $this->Cookie->write('User', $data, true, '+1 week');
            return true;
        }

        public function logout() {
            $this->Auth->logout();
            $this->Session->setFlash('Logged out');
            $this->redirect($this->Auth->redirect('/'));
        }
    }
TokenAuthenticate
    // in $components
    public $components = [
        'Auth' => [
            'authenticate' => [
                'Authenticate.Token' => [
                    'parameter' => '_token',
                    'header' => 'X-MyApiTokenHeader',
                    'userModel' => 'User',
                    'scope' => ['User.active' => 1],
                    'fields' => [
                        'username' => 'username',
                        'password' => 'password',
                        'token' => 'public_key',
                    ],
                    'continue' => true,
                ]
            ]
        ]
    ];

    // Or in beforeFilter()
    $this->Auth->authenticate = [
        'Authenticate.Token' => [
            'parameter' => '_token',
            'header' => 'X-MyApiTokenHeader',
            'userModel' => 'User',
            'scope' => ['User.active' => 1],
            'fields' => [
                'username' => 'username',
                'password' => 'password',
                'token' => 'public_key',
            ],
            'continue' => true,
        ]
    ];
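The following is an added example, not code from the plugin or its README: a plain-PHP model of a token login under the TokenAuthenticate settings above, showing token issuance, header or query-parameter extraction, and the `scope` check. The helper names (`issueToken`, `extractToken`, `findUserByToken`), the sample rows and the header-before-query order are assumptions; a real lookup goes through the configured `userModel`.

```php
<?php
// Added model, not plugin code. Header-before-query order and sample rows are assumptions.

/** Issue a 256-bit CSPRNG token for storage in the `public_key` column. */
function issueToken(): string
{
    return bin2hex(random_bytes(32));
}

/** Read the token from the configured header, falling back to the query parameter. */
function extractToken(array $headers, array $query, array $settings): ?string
{
    foreach ($headers as $name => $value) {
        // HTTP header names are case-insensitive.
        if (strcasecmp($name, $settings['header']) === 0 && $value !== '') {
            return $value;
        }
    }
    $value = $query[$settings['parameter']] ?? null;
    // Reject arrays (?_token[]=x) and empty strings.
    return (is_string($value) && $value !== '') ? $value : null;
}

/** Return the active user (scope User.active = 1) owning the token, or null. */
function findUserByToken(array $users, ?string $token): ?array
{
    if ($token === null) {
        return null;
    }
    foreach ($users as $user) {
        // hash_equals compares in constant time.
        if ($user['active'] === 1 && hash_equals($user['public_key'], $token)) {
            return $user;
        }
    }
    return null;
}

$settings = ['parameter' => '_token', 'header' => 'X-MyApiTokenHeader'];
// Constructed rows standing in for the User model.
$users = [
    ['username' => 'alice', 'active' => 1, 'public_key' => issueToken()],
    ['username' => 'bob', 'active' => 0, 'public_key' => issueToken()],
];
// Active user's token sent in the header, with a lower-cased header name.
$alice = findUserByToken($users, extractToken(['x-myapitokenheader' => $users[0]['public_key']], [], $settings));
// Inactive user's token sent as ?_token=...; the scope check rejects it.
$bob = findUserByToken($users, extractToken([], ['_token' => $users[1]['public_key']], $settings));
var_dump($alice['username'] ?? null, $bob);
```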